Startup and Shutdown
A booting overview
- The process by which a computer is turned on and the UNIX operating system starts functioning – booting – consists of the following steps
- finding the kernel
- starting the kernel
- starting the processes
Finding the kernel
- The kernel is the heart of the UNIX operating system. The kernel provides a number of essential services, which are required by the rest of the system in order for it to be functional. The first step is finding the kernel.
- Most computers have a section of read only memory (ROM) that contains a program the machine executes when the power first comes on.
- On an IBM PC, the ROM program does some hardware checks and then looks in a number of predefined locations (the first floppy and the primary hard drive partition) for a bootstrap program.
- On hardware designed for the UNIX operating system (machines from SUN, DEC, IBM, HP, etc.), the ROM program is more complex than that of a PC. Many will present some type of prompt. This prompt generally accepts a number of commands that allow the administrator to specify
- Where to boot the machine from. This can be a local CD-ROM, a Hard Drive, or network server.
- perform system tests
- boot to single user or multi-user mode
- The ROM must be smart enough to find the bootstrap program.
The bootstrap program
- The code stored in the boot block is referred to as a bootstrap program.
- The boot block is not large enough to hold the kernel, so this intermediate stage is necessary.
- The bootstrap program is responsible for locating and loading (starting) the kernel of the UNIX operating system into memory.
- The kernel of most UNIX operating systems is stored in the root directory of the filesystem.
- Under Red Hat Linux, the kernel is stored in /boot.
- The most common bootstrap program in Linux is called LILO.
Boot on a PC
- The BIOS on a PC contains
- a program that performs a power on self test (POST) each time it is powered on.
- a program called SETUP, which allows the user to configured certain hardware components of the computer. Pressing the “DEL” or “F2” keys on the keyboard enters the SETUP program.
- The BIOS generally looks for a bootstrap program in this order
- the first floppy drive ( A: )
- the first partition on the first hard drive ( C: )
- the first CD-ROM drive
- Most modern computers allow users to change the boot sequence via the SETUP program.
- The bootstrap program is stored on the first sector of the boot device.
- The bootstrap program is loaded into memory and executed. It then loads the kernel into memory.
Making a boot disk under Linux (manually)
- Insert a floppy disk into a computer already running Linux
- Login as root
- change into the /boot directory
- copy the kernel onto the floppy: dd if=vmlinux of=/dev/fd0
Note: The kernel name may contain a version number. For example, the kernel name could be vmlinux-2.0.31.
- Tell the boot disk where to find the root disk: rdev /dev/fd0 /dev/hda6 (make sure this points to the Linux boot partition)
- Easiest way to create a self contained boot diskette for your system.
- Gives you the “rescue” option at the boot prompt. This option gives you the ability to create a system in RAM and mount your hard drives so you can modify them.
Using a boot loader
- Having a boot floppy for your system is a good idea. It can save you if your system will not boot from the hard drive.
- The steps listed above will not work with a hard drive. A boot loader, such as LILO, is needed.
- A boot loader generally examples the partition table of the hard drive, identifies the active partition, and then reads and starts the code in the boot sector for that partition.
- Other features offered by LILO
- using a key to bring up a prompt to modify the boot procedure, and
- the passing of parameters to the kernel to modify its operation
LILO – Linux Loader
- LILO is the boot loader (or boot manager) used in most Linux systems.
- LILO allows the user to select from multiple operating systems to boot (dual boot)
- The LILO configuration file is /etc/lilo.conf.
- You must execute the LILO command after making changes to the configuration file. This will update LILO with the changes made.
- To uninstall LILO and restore the previous master boot record (MBR), issue the command: lilo –u
- To prevent someone from booting your Linux system in Single User Mode without specifying a password:
- Edit /etc/lilo.conf
- add the option: password=clear_text_password:
- add the option: restricted:
- Save the changes
- change permissions on the file so only root has read and write permissions. (chmod 600 /etc/lilo.conf)
- execute `lilo` to update changes
Starting the kernel
- The kernel will go through the following process
- Swapper is a part of the kernel and therefore is not a real process.
- The init process is the parent of all processes that will execute on a UNIX system.
- Once the kernel has initialized itself, init will perform the remainder of the startup procedure.
- initialize its internal data structures
- check for hardware connected to your system ( Note: the kernel only looks for hardware that it contains code for. )
- verify the integrity of the root file system and then mount it
- create the process 0 (swapper) and process 1 (init)
Kernel boot messages
- When a UNIX kernel is booting, it will display messages on the main console about what it is doing.
- Under Linux, these messages are sent to syslog and are by default appended to the file /var/log/messages.
- You may find the file /var/log/dmesg, which also contains a copy of the boot messages.
Starting the processes
- An existing process performing a fork operation creates processes.
- init is the ancestor of all processes on a UNIX system.
- It always has a process ID (PID) of 1.
- init is responsible for starting all other services.
- The services to be started is specified in init’s configuration file, /etc/inittab.
- init is responsible for placing the computer into one of a number of run levels.
- The run level controls what services are started or stopped by init.
- When a Linux system boots, init examines the /etc/inittab file for an entry of type initdefault. This entry will determine the initial run level of the system.
|0||halt the machine|
|1||Single user mode – All file systems are mounted, only small set of kernel processes running. Only root can log in.|
|2||Multi-user mode, without remote file sharing (NFS)|
|3||Multi-user mode, with remote file sharing, processes, and daemons|
|4||user definable system state|
|5||used for staring X-Windows automatically on boot|
|6||shutdown and reboot|
|a ba c||on demand run levels|
|s or S||Same as single user mode, only used by scripts|
- Under Linux, the telinit command is used to change the current run level. The init command is also used for the same purpose.
- telinit is actually a soft link to init.
- telinit or init accept a single character argument from the following
- The run level to switch to: 0 1 2 3 4 5 6
- Tells init that there has been a change to /etc/inittab and that it should re-examine it: Q or q
- Tell init to switch to single user mode: S or s
- /etc/inittab is the configuration file for init. It is a colon delimted field where # characters can be used to indicate comments.
- The fields of /etc/inittab:
- the identifier: one or two characters to uniquely identify the entry
- the run level: indicates the run level at which the process should be executed
- the action: tells init how to execute the process
- the process: the full path of the program or shell script to execute
- When init is first started, it determines the default run level by matching the entry in /etc/inittab with the action initdefault.
- The first field is a unique identifier.
- For inittab entries that correspond to terminals the identifier will be the suffix for the terminals device file.
- For each terminal, a getty process must be started by the init process.
- Each terminal will have a name like /dev/tty??. Where ?? will be replaced by a suffix. It is this suffix that must be the identifier in the /etc/inittab file.
- The run levels describe at which run levels the specified action will be performed. For example, it the field contains 123, then the action will be performed in levels 1, 2, and 3.
- This field describes how the process will be executed.
|respawn||restart the process if it finishes|
|wait||init will start the process once and wait unit it has finished before going on to the next entry.|
|once||start the process once, when the run level is entered|
|boot||perform the process during system boot (will ignore the run level field)|
|bootwait||a combination of boot and wait|
|initdefault||specify the default run level|
|sysinit||execute process during boot and before any boot or bootwait entries|
|powerwait||executed when init receives the SIGPWR signal which indicates a problem with the power, init will wait until the process is completed.|
|ondemand||execute whenever the ondemand runlevels are called ( a b c ). When these run levels are called there is NO change in runlevel.|
|powerfail||same as powerwait but don’t wait (refer to the man page for the action powerwait)|
|ctraltdel||executed when init receives SIGINT signal (usually when someone does CTRL-ALT-DEL)|
An example /etc/inittab configuration file
# inittab This file describes how the INIT process should set up
# the system in a certain run-level.
# Author: Miquel van Smoorenburg, <firstname.lastname@example.org>
# Modified for RHS Linux by Marc Ewing and Donnie Barnes
# Default runlevel. The runlevels used by RHS are:
# 0 – halt (Do NOT set initdefault to this)
# 1 – Single user mode
# 2 – Multiuser, without NFS (The same as 3, if you do not have networking)
# 3 – Full multiuser mode
# 4 – unused
# 5 – X11
# 6 – reboot (Do NOT set initdefault to this)
# System initialization.
# Things to run in every runlevel.
# Trap CTRL-ALT-DELETE
ca::ctrlaltdel:/sbin/shutdown -t3 -r now
# When our UPS tells us power has failed, assume we have a few minutes
# of power left. Schedule a shutdown for 2 minutes from now.
# This does, of course, assume you have powerd installed and your
# UPS connected and working correctly.
pf::powerfail:/sbin/shutdown -f -h +2 “Power Failure; System Shutting Down”
# If power was restored before the shutdown kicked in, cancel it.
pr:12345:powerokwait:/sbin/shutdown -c “Power Restored; Shutdown Cancelled”
# Run gettys in standard runlevels
# Run xdm in runlevel 5
- Is simply the absolute path to the command or script that should be executed by init.
Daemons and configuration files
- init is an example of a daemon. It will only read its configuration file, /etc/inittab, when it starts execution. Any changes you make to the configuration file will be read the next time the daemon is started or when you force init to re-read the configuration file.
- One way to tell a daemon to re-examine its configuration file is to send a HUP signal to the daemon. The first step is using the `ps` command to find the process ID (PID) of the daemon. Then use the `kill` command to send a HUP signal to the daemon. init is easy because it will always have a PID of 1.
kill –1 1 or kill HUP 1 -sends the HUP signal to init
- The most common way for tell init to re-examine its configuration file is using the `telinit Q` command.
- There are a number of tasks, which must be completed in order to configure the system for operation. Most of these tasks are performed by the /etc/rc.d/rc.sysinit script.
- This script performs the following operations
- sets up a search path that will be used by the other scripts
- obtains network configuration data
- activates the swap partitions of your system
- sets the hostname of your system
- sets the machine’s NIS domain ( if in use )
- performs a check on the file systems of your system
- turns on disk quotas (if being used)
- sets up plug and play support
- deletes old lock and tmp files
- sets the system clock
- loads any kernel modules
- On Red Hat systems, a mingetty process is started for virtual console logins.
- The system startup scripts are shell scripts written using the Bourne Shell. Each run level executes /etc/rc.d/rc. The run level is passed to this script as an argument.
- In the UNIX world there is two styles for startup files: BSD and System V. Red Hat uses the System V style.
|rc0.d rc1.d rc2.d rc3.d rc4.d rc5.d rc6.d||Directories which contain links to scripts which are executed when a run level is entered|
|rc||A shell script, which is passed the run level it then executes the scripts in the appropriate directory.|
|init.d||Contains the actual scripts which are executed. These scripts take either start or stop (as well as others) as a parameter.|
|rc.sysinit||run once at boot time to perform specific system initialization.|
|rc.local||the last script run, used to do any tasks specific to your local setup that isn’t done in the normal Sys V setup.|
|rc.serial||not always present, used to perform special configuration on any serial ports.|
The Linux process
- When init first enters a run level it will execute the script /etc/rc.d/rc. This script proceeds to
- determine the current and previous run level
- kill any services which must be killed
- start all the services for the new run level
- /etc/rc.d/rc knows how to start or kill services for a run level because of the name in the directory for each run level.
- Filenames in each directory use the same format: [SK]numberService
- where number is some integer and Service is the name of a service
- All files beginning with S are used to start a service.
- All files beginning with K are used to kill a service.
- The numbers in the filenames are used to indicate the order in which these services should be started or killed.
- The filenames in each rcX.d directory are nothing more than soft links to scripts stored in /etc/rc.d/init.d
Starting and stopping
- Scripts in /etc/rc.d/init.d are useful when you are performing maintenance on your system. Use them to start and stop services while you are working on them.
- For example: to stop the web server:
$ /etc/rc.d/init.d/httpd stop Stops the web server daemon
$ /etc/rc.d/init.d/httpd start Starts the web server
- No need to reboot your system to reconfigure most services. Simply stop the service, edit the configuration file(s), and restart the service.
- Scripts that start services during system start up create lock files. These files, if they exist, indicate that a service is operating and prevents the system from starting a service, which is already running.
- Never turn off a UNIX system by pressing the power button. During so can cause damage to the file system or corrupt data.
- If the system is not shutdown correctly, the system will be forced to perform a detailed check of the file systems. You may be forced into single user mode if the check fails. Then you must run the `fsck` command to repair the file disk and then reboot.
- Tasks to be completed for a UNIX system to shutdown cleanly
- tell users the system is going down. Give them enough time to save their work and log out.
- Signal the currently executing processes that it is time for them to die.
- place the system into single user mode
- performs `sync` to flush the file systems buffers so that the physical state of the file system matches the logical state.
Reasons for Shutting down
- Limit the number of times you turn a computer on or off as doing so causes wear and tear. it is better to leave a system on 24 hours a day, 365 days a year.
- Some reasons for shutting down a UNIX system
- General housekeeping – every reboot causes the system to delete files from the temporary directories and perform checks on the machines file systems. Rebooting also get rid of any zombie processes. Zombie processes are those that you killed but would not die.
- general failures – Problems may arise for which you have only one resort, reboot the system. These problems include hanging logins, unsuccessful mounts requests, dazed devices, runaway processes filling up disk space or CPU time and preventing any useful work being done.
- System maintenance and additions – Some work require the machine to be turned off. For example, replacing a failed hard disk or adding a network interface card (NIC).
Being nice to users
- The shutdown command can be used to initiate a system shutdown and notify users. You can schedule a time for the shutdown to occur.
- When using shutdown, a message is sent to all users informing them that the system is going down.
- System shutdown must be scheduled. System maintenance should be performed during scheduled down time. Keep the system running as much as possible. Take it down only when necessary.
- Edit /etc/motd (Message Of The Day) to add any messages you want all users to see upon logging into the system. Schedule down times can be added to the file.
Commands to shutdown
- shutdown – most used, can send messages to users indicating the system is going down. These messages are repeated at preset intervals until the time to shutdown has been reached.
- halt – logs the shutdown, kills the system processes, executes sync and halts the system.
- reboot – similar to halt, but causes the system to reboot.
- sending a term signal to init – ` kill –15 1` will cause init to change run levels to single user mode. Not a safe method of shutting down the system.
- the fasthalt or fastboot commands – These commands create a file /fastboot before calling halt or reboot. The /fastboot file causes the system to skip the testing of the file systems on reboot.
- –h : Halts the system
- –r : reboot the system
- –f : do a fast boot
- –q : use a default broadcast message
- –s : reboot to single user mode
- –k : fake shutdown, sends messages, but never takes the system down.
- –c : cancel a running shutdown
The time at which a shutdown will occur are specified by the following options
- now – shutdown immediately
- hh:ss – shutdown at the time specified
- +mins – shutdown mins from now
- What happens
- five minutes before shutdown or straightway if shutdown is less than 5 mins, the file /etc/nologin is created to prevent users to log on the system.
- At shutdown time, all users are notified, init is told not to spawn any more getty processes. Shutdown time is written in /var/log/wtmp. All processes are kill. A sync is performed, all file systems are unmounted, another sync is performed, and the system is rebooted.
- Only use halt and reboot when no one is logged on the system.